BigFix Reviews

A typical use case for BigFix involves managing a diverse range of clients, such as Windows, Linux, and various versions of Red Hat. My clients use BigFix since it is particularly beneficial when a company has many different types of operating systems. If a user has only one type, like just Windows, the benefit may not be as clear compared to other vendors. However, BigFix is a good solution for companies with diverse systems.

The BigFix features that have proven most effective include inventory, software delivery, software distribution, software catalog, and both software and hardware management. BigFix is a very powerful tool if you want to know how many clients are in your enterprise and control or distribute software effectively.

First, we use it for security patching on Windows and Linux. 

Second, we use it for server automation procedures. 

Third, we use the remote control feature of this solution.

The solution is very good and very advanced. It has so many elements that the other solutions don't have. For example, for organizations that are heterogeneous in their environment, BigFix is the best solution. For example, we don't only use Windows environments. We're using other environments, too. This is the reason why BigFix is better than SCCM.

I use BigFix for endpoint security management in my industry. It is an integrated solution that I use in collaboration with BigFix and IBM tools. I have integrated BigFix with ILMT and utilize it for operational purposes.

I use BigFix to capture the latest hardware and software information from all the endpoints and push that information to ILMT dashboard.

It has been reliable for endpoints that give accurate information. It has been effective in many cases. It has saved us from audits, so it has been effective in our use scenario.

Our primary use cases for BigFix range from patch management and security templates to software distribution. These are essential tasks for endpoint management across various companies.

The tool's most valuable features are patching and integration with vulnerability scanners. 

The compliance module in BigFix helps to maintain security compliance. It addresses standards such as CIS, DISA STIG, NIST, GDPR, and others, providing real-time capabilities to ensure adherence to these security templates.

The tool streamlines the endpoint patch management process through one console and agent. It's straightforward to deploy patches and policies, making the entire process intuitive. 

We have found that the solution is good security-wise. It’s customizable; however, you need good knowledge of the tool. It’s not for beginners.

In terms of compliance, we utilize compliance checklists and templates to ensure success. These templates help us evaluate the compliance and rating of our devices. For devices that do not meet compliance standards, we generate actionable items to address and fix the issues. Our security posture is improving by utilizing compliance analysis for all our devices.

Our customers mainly use BigFix for inventory, compliance, patch management, and software deployment. We also use it with the IBM License Metrics Tool. Our customers are mostly in the telecom and financial sectors.

The solution has many useful features. Its main advantage is simplicity - you can do everything from one console, regardless of the task. It supports many operating systems and is scalable to up to 250,000 clients.

The solution is great for automation. It uses relevant language, and each client can send requests for information about files or other data. Based on the results, you can set up analyzers and actions. For example, in patch management, you can automatically deploy patches to clients that don't have the newest version.

I am supporting a client and serving as an administrator of BigFix. My responsibilities include taking care of the whole infrastructure, patch deployment, vulnerability scanning, vulnerability assessment, third-party application vulnerability mitigation, generating reports, and ensuring compliance with security standards such as the CIS checklist. We handle all the security standards related to BigFix.

BigFix has several good features. Firstly, its client on the endpoints consumes less than 2% of CPU memory. Unlike other solutions like CrowdStrike or Tenable, where clients communicate with the database once a day or collect data every two days, BigFix offers real-time detection of endpoints. For example, if we have predefined conditions for monthly OS patches on various operating systems like AIX, Windows, Linux, and Mac, BigFix provides its own external sites where patches released by Microsoft or Mac are stored. These patches and content are integrated with the BigFix network. Each patch or package has relevant conditions that continuously evaluate the endpoints to determine if they are applicable. When creating software packages, we ensure that relevant conditions are met to prevent redundant deployments. This is important as continuous patching without checks can lead to system corruption or device issues. 

We are currently managing more than a hundred devices. So, upon creating a package with the relevant condition in place, there are already thousands of devices that have that specific package deployed. The condition checks to ensure that the package is not redeployed to those devices, avoiding any potential issues that can arise from repeated deployments. 

In some internal solutions, continuously deploying patches to an endpoint can lead to system corruption, device hang-ups, or other problems. However, BigFix prevents such issues by evaluating the relevance of each patch and ensuring it is only deployed when necessary.

BigFix is an endpoint customer solution that offers various capabilities. It enables compliance management, pack management, software and OS deployment, and power management. You can also integrate One Ready scanning tools like Qualys or Tenable, allowing vulnerability feeds to be directly evaluated within BigFix. 

If BigFix does not have a pre-existing solution, we can create our own scripts using its action script and relevant language. The platform supports multiple scripting languages, including PowerShell and Python, providing flexibility for deployments.

The use case for BigFix is for security, patch management, and compliance which is one of the most important parameters in large banking, and large enterprises where the customers would want to comply with their latest operating system protocols. The solution is also complying with the latest ISO 27001, which is a security compliance protocol as per ISO audit. BigFix helps in getting all these operating systems, and applications to the latest patch management levels possible. The solution makes the system more compliant and ready for our business and other IT operations.

The best feature of BigFix is its multi-platform support. Unlike other products, the solution supports Windows, Linux, and Unix. BigFix is able to support any operating system. When a customer buys, they don't need to look at multiple options. The second valuable feature is, BigFix also has an auto patch updating feature, where the latest patches, and what is required for my system are automatically downloaded and kept ready for me. The solution applies the patch and notifies me after applying the patch. BigFix also gives me a ping saying that I should reset my system within a certain period of time, while the patch is being applied. Let's say, the patch is being applied and if there's an issue, the solution can revoke the applied patch, and revert back to the old state. 

BigFix is also a tool that has inventory management, where it can go ahead and find the inventories associated with the enterprise, and it can detect the auto inventory feature, which will help me in detecting those devices that have not been already accounted for. The solution can also help me in doing SAM, Software Asset Management work. Apart from this, BigFix also is something that works with tools such as VAPT, Vulnerability Assessment, and Penetration Testing tools, if the VAPT test is being done, whatever shortcomings were being taken by VAPT can be auto-updated using BigFix.